2011/1/22 Robert Haas <robertmh...@gmail.com>: > On Fri, Jan 21, 2011 at 10:46 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Robert Haas <robertmh...@gmail.com> writes: >>> On Fri, Jan 21, 2011 at 9:55 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: >>>> ALTER FUNCTION is supposed to cause plan invalidation in such a case. >>>> Not sure if GRANT plays nice with that though. >> >>> And in the case of SE-Linux, this could get changed from outside the >>> database. Not sure how to handle that. I guess we could just never >>> inline anything, but that might be an overreaction. >> >> I think SELinux is just out of luck in that case. If it didn't refuse >> execution permission at the time we checked before inlining (which we >> do), it doesn't get to change its mind later. > > Seems reasonable to me, if it works for KaiGai. > I assume users of SE-PostgreSQL put their first priority on security, not best-performance. So, I also think it is reasonable to kill a part of optimization for the strict security checks.
Here is one request for the hook. needs_fmgr_hook() is called by fmgr_info_cxt_security() and routines to inline. I need a flag to distinct these cases, because we don't need to invoke all the functions via fmgr_security_definer(), even if it never allows to inline. Thanks, -- KaiGai Kohei <kai...@kaigai.gr.jp> -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
